
ISC CISSP Practice Test - Questions Answers, Page 76


Which of the following initiates the system recovery phase of a disaster recovery plan?

A. Evacuating the disaster site
B. Assessing the extent of damage following the disaster
C. Issuing a formal disaster declaration
D. Activating the organization's hot site

Suggested answer: C

Which of the following will help prevent improper session handling?

A. Ensure that all UIWebView calls do not execute without proper input validation.
B. Ensure that tokens are sufficiently long, complex, and pseudo-random.
C. Ensure JavaScript and plugin support is disabled.
D. Ensure that certificates are valid and fail closed.

Suggested answer: B
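The point behind option B, shown as an added example that is not part of the practice test: a session token derived from guessable inputs can be rebuilt by an attacker, while a long token drawn from the operating system's CSPRNG cannot. The function and class names, the 32-byte token length, the 900-second lifetime and the sample user id are assumptions made for this example.

```python
"""Added example: guessable vs CSPRNG-backed session tokens, with a small
server-side store. Names, sizes and sample values are assumptions."""
import hashlib
import secrets

TOKEN_BYTES = 32  # assumed: 256 bits of entropy, above the usual 128-bit floor


def weak_token(user_id: int, issued_at: int) -> str:
    """Anti-pattern: a token built only from public or guessable inputs.
    Anyone who knows the user id and the rough login time can rebuild it."""
    return hashlib.md5(f"{user_id}:{issued_at}".encode()).hexdigest()


def guess_weak_token(user_id: int, observed: str, now: int, window: int = 60):
    """Attacker view: brute-force the issue timestamp over a short window.
    Returns the recovered timestamp, or None if the token is not guessable."""
    for ts in range(now - window, now + 1):
        if weak_token(user_id, ts) == observed:
            return ts
    return None


def strong_token() -> str:
    """Long, URL-safe token from the OS CSPRNG; not derivable from any input."""
    return secrets.token_urlsafe(TOKEN_BYTES)


class SessionStore:
    """Server side: keeps only a SHA-256 of each token, so a leaked store does
    not yield usable sessions, and expires sessions after a fixed lifetime."""

    def __init__(self, ttl_seconds: int = 900):
        self._sessions = {}  # sha256(token) -> (user_id, expires_at)
        self.ttl = ttl_seconds

    @staticmethod
    def _key(token: str) -> str:
        # Hashing before lookup means the stored value, not the raw token,
        # is what a dictionary lookup compares.
        return hashlib.sha256(token.encode()).hexdigest()

    def create(self, user_id: int, now: int) -> str:
        token = strong_token()
        self._sessions[self._key(token)] = (user_id, now + self.ttl)
        return token

    def lookup(self, token: str, now: int):
        """Return the user id for a live session, else None (expired ones are dropped)."""
        key = self._key(token)
        entry = self._sessions.get(key)
        if entry is None:
            return None
        user_id, expires_at = entry
        if now >= expires_at:
            del self._sessions[key]
            return None
        return user_id

    def revoke(self, token: str) -> None:
        self._sessions.pop(self._key(token), None)


if __name__ == "__main__":
    now = 1_700_000_000  # constructed clock value
    leaked = weak_token(42, now - 7)
    print("weak token issue time recovered:", guess_weak_token(42, leaked, now))
    store = SessionStore()
    tok = store.create(42, now)
    print("strong token length:", len(tok), "user:", store.lookup(tok, now + 1))
```

The attacker function only needs the user id and a one-minute window to recover the weak token; the same search against `strong_token()` has no input to iterate over, which is what "sufficiently long, complex, and pseudo-random" buys.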

An organization is outsourcing its payroll system and is requesting to conduct a full audit on the third-party information technology (IT) systems. During the due diligence process, the third party provides a previous audit report on its IT system.

Which of the following MUST be considered by the organization in order for the audit reports to be acceptable?

A. The audit assessment has been conducted by an independent assessor.
B. The audit reports have been signed by the third-party senior management.
C. The audit reports have been issued in the last six months.
D. The audit assessment has been conducted by an international audit firm.

Suggested answer: A

Utilizing a public wireless Local Area network (WLAN) to connect to a private network should be done only in which of the following situations?

A. Extensible Authentication Protocol (EAP) is utilized to authenticate the user.
B. The client machine has a personal firewall and utilizes a Virtual Private Network (VPN) to connect to the network.
C. The client machine has antivirus software and has been scanned to determine if unauthorized ports are open.
D. The wireless Access Point (AP) is placed in the internal private network.

Suggested answer: B

EAP authenticates a client to a wireless network the organization controls; on a public WLAN the organization controls neither the access point nor the other clients, so the traffic has to be protected end to end by a VPN and the client shielded by a host firewall.

Which of the following technologies would provide the BEST alternative to anti-malware software?

A. Host-based Intrusion Detection Systems (HIDS)
B. Application whitelisting
C. Host-based firewalls
D. Application sandboxing

Suggested answer: B
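Why whitelisting (allowlisting) can stand in for anti-malware, as an added example that is not part of the practice test: an allowlist is default-deny and keyed on the exact hash of approved binaries, while a signature database is default-allow and only blocks what it has already seen. The example also contrasts a hash rule with a weaker path rule. The executable contents, paths, hashes and rule names are constructed for this example.

```python
"""Added example: default-deny allowlist (hash and path rules) beside a
default-allow blocklist. All binaries, paths and rules are constructed."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Executable:
    path: str
    content: bytes


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for real executables.
TRUSTED_EDITOR = Executable("C:\\Program Files\\Editor\\editor.exe", b"\x7fELF editor v1")
TAMPERED_EDITOR = Executable("C:\\Program Files\\Editor\\editor.exe", b"\x7fELF editor v1+payload")
KNOWN_MALWARE = Executable("C:\\Users\\alice\\Downloads\\invoice.exe", b"MZ known-dropper")
UNKNOWN_MALWARE = Executable("C:\\Users\\alice\\Downloads\\update.exe", b"MZ never-seen-dropper")
DROPPED_IN_PROGRAM_DIR = Executable("C:\\Program Files\\Editor\\helper.exe", b"MZ never-seen-dropper")


class Allowlist:
    """Default deny. A hash rule approves one exact binary; a path rule approves
    anything under a directory prefix and is only safe when users cannot write there."""

    def __init__(self, hash_rules=(), path_rules=()):
        self.hash_rules = set(hash_rules)
        self.path_rules = tuple(path_rules)

    def permits(self, exe: Executable):
        if sha256_hex(exe.content) in self.hash_rules:
            return True, "hash rule"
        for prefix in self.path_rules:
            if exe.path.startswith(prefix):
                return True, f"path rule {prefix}"
        return False, "default deny"


class Blocklist:
    """Default allow, as a signature database works: only known-bad hashes are stopped."""

    def __init__(self, bad_hashes=()):
        self.bad_hashes = set(bad_hashes)

    def permits(self, exe: Executable):
        if sha256_hex(exe.content) in self.bad_hashes:
            return False, "signature match"
        return True, "no signature"


def build_policies():
    allow_by_hash = Allowlist(hash_rules=[sha256_hex(TRUSTED_EDITOR.content)])
    allow_by_path = Allowlist(path_rules=["C:\\Program Files\\"])
    av_style = Blocklist(bad_hashes=[sha256_hex(KNOWN_MALWARE.content)])
    return allow_by_hash, allow_by_path, av_style


if __name__ == "__main__":
    by_hash, by_path, av = build_policies()
    for exe in (TRUSTED_EDITOR, TAMPERED_EDITOR, KNOWN_MALWARE, UNKNOWN_MALWARE, DROPPED_IN_PROGRAM_DIR):
        print(exe.path, "| hash allowlist:", by_hash.permits(exe),
              "| path allowlist:", by_path.permits(exe), "| blocklist:", av.permits(exe))
```

The hash allowlist blocks the tampered editor and both droppers without knowing anything about them; the blocklist lets the never-seen dropper run; and the path rule shows the usual allowlisting mistake, approving a directory that an attacker can drop a file into.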

Which of the following is MOST critical in a contract for data disposal on a hard drive with a third party?

A. Authorized destruction times
B. Allowed unallocated disk space
C. Amount of overwrites required
D. Frequency of recovered media

Suggested answer: C

Which of the following attributes could be used to describe a protection mechanism of an open design methodology?

A. It must be tamperproof to protect it from malicious attacks.
B. It can facilitate independent confirmation of the design security.
C. It can facilitate blackbox penetration testing.
D. It exposes the design to vulnerabilities and malicious attacks.

Suggested answer: B

Open design (Saltzer and Schroeder) means the security of a mechanism must not depend on the secrecy of its design, only on the secrecy of keys or passwords, so the design can be published and reviewed independently. Being tamperproof is a property of a reference monitor, not of open design.

What is a common mistake in records retention?

A. Having the organization legal department create a retention policy
B. Adopting a retention policy based on applicable organization requirements
C. Having the Human Resource (HR) department create a retention policy
D. Adopting a retention policy with the longest requirement period

Suggested answer: D

Retention should follow the specific legal, regulatory and business requirements that apply to each record type; simply keeping everything for the longest period found anywhere increases storage cost, breach exposure and the volume subject to discovery.

Which inherent password weakness does a One Time Password (OTP) generator overcome?

A. Static passwords must be changed frequently.
B. Static passwords are too predictable.
C. Static passwords are difficult to generate.
D. Static passwords are easily disclosed.

Suggested answer: D
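How an OTP generator neutralises disclosure, as an added example that is not part of the practice test: HOTP (RFC 4226) and TOTP (RFC 6238) codes generated the way a hardware token does, plus a verifier that accepts each counter value once, so a code captured by shoulder-surfing or phishing is useless after its first use. The `hotp` and `totp` functions follow the RFCs; the verifier class and its look-ahead window of three are assumptions for this example, and the shared secret is the RFCs' published test-vector key, not one to use in practice.

```python
"""Added example: HOTP/TOTP generation and a replay-rejecting verifier.
The verifier and its window are assumptions; the secret is the RFC test key."""
import hashlib
import hmac
import struct

SECRET = b"12345678901234567890"  # RFC 4226 / RFC 6238 test-vector key (assumed, not for real use)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    truncated = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: HOTP with the counter derived from the current time step."""
    return hotp(secret, unix_time // step, digits)


class HotpVerifier:
    """Server side of a counter-based token. Each counter value is accepted at most
    once; a small look-ahead tolerates codes the user generated but never submitted."""

    def __init__(self, secret: bytes, look_ahead: int = 3):
        self.secret = secret
        self.next_counter = 0
        self.look_ahead = look_ahead

    def verify(self, code: str) -> bool:
        for counter in range(self.next_counter, self.next_counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, counter), code):
                # Consume this counter and every earlier one: a replayed or
                # older code can never match again.
                self.next_counter = counter + 1
                return True
        return False


if __name__ == "__main__":
    v = HotpVerifier(SECRET)
    first = hotp(SECRET, 0)
    print("first code", first, "accepted:", v.verify(first))
    print("same code replayed, accepted:", v.verify(first))
    print("TOTP at t=59 (8 digits):", totp(SECRET, 59, digits=8))
```

A static password that is disclosed stays valid until someone changes it; here the disclosed value is bound to one counter (or one 30-second step) and is refused the moment it has been used.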

What is the BEST way to establish identity over the internet?

A. Challenge Handshake Authentication Protocol (CHAP) and strong passwords
B. Internet Message Access Protocol (IMAP) with Triple Data Encryption Standard (3DES)
C. Remote Authentication Dial-In User Service (RADIUS) server with hardware tokens
D. Remote user authentication via Simple Object Access Protocol (SOAP)

Suggested answer: C

RADIUS with hardware tokens gives two-factor authentication (something known plus something held). CHAP with passwords is single-factor, IMAP with 3DES only protects mail transport, and SOAP is a messaging format, not an authentication mechanism.